package com.szcatic.ework.controller.login;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.alibaba.druid.util.StringUtils;
import com.szcatic.ework.service.UserService;
import com.szcatic.ework.service.login.LoginService;
import com.szcatic.ework.utils.CryptographyUtils;
import com.szcatic.ework.utils.NetworkUtils;
import com.szcatic.ework.utils.UserAgentUtils;
import com.szcatic.ework.vo.User;
import com.szcatic.ework.vo.other.LoginInfo;

/**
 * 登录Controller
 * @author Administrator
 *
 */
@Controller
public class LoginController {
	
	@Autowired
	private HttpServletRequest request;
	
	@Autowired
	private UserService userService;
	
	@Autowired
	private LoginService loginService;
	@RequestMapping(value="login",method=RequestMethod.GET)
	public String login() {
		return "login/login";
	}
	
	@RequestMapping(value="login",method=RequestMethod.POST)
	public String loginForm() {
		Subject subject = SecurityUtils.getSubject();
		String userName = request.getParameter("userName");
		String password = request.getParameter("password");
		UsernamePasswordToken token = new UsernamePasswordToken(userName, CryptographyUtils.md5(password, "szcatic"));
		String rememberMe = request.getParameter("rememberMe");
		if(StringUtils.equals("1", rememberMe)) {
			token.setRememberMe(true);
		}
		try {
			subject.login(token);
			//登录后，重新根据用户名获得用户信息
			User user = userService.getUserByUserName(userName.trim());
			subject.getSession().setAttribute("user", user);
			LoginInfo loginInfo = buildLoginInfo(request);
			loginService.insertLoginInfo(loginInfo);
			return "redirect:home";
		} catch(AuthenticationException e) {
			System.out.println("用户名或密码错误");
			request.setAttribute("error", "用户名或密码错误");
			return "login/login";
		}
	}
	
	/**
	 * 无权限跳转页面
	 * @return
	 */
	@RequestMapping(value="unauthorized")
	public String unauthorized() {
		return "login/unauthorized";
	}
	
	/**
	 * 用户退出
	 * @return
	 */
	@RequestMapping(value="logout")
	public String logout() {
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return "redirect:login";
				
	}
	
	/**
	 * 构建登录信息
	 * @param request
	 * @return
	 */
	private LoginInfo buildLoginInfo(HttpServletRequest request) {
		LoginInfo loginInfo = new LoginInfo();
		Subject subject = SecurityUtils.getSubject();
		User user = (User)subject.getSession().getAttribute("user");
		loginInfo.setUser(user);
		loginInfo.setBrower(UserAgentUtils.getBrowser(request));
		loginInfo.setOs(UserAgentUtils.getOS(request));
		loginInfo.setSessionId(subject.getSession().getId().toString());
		try {
			loginInfo.setIp(NetworkUtils.getIpAddress(request));
		} catch (IOException e) {
			e.printStackTrace();
		}
		loginInfo.setLoginType("1"); //用户名密码登录
		return loginInfo;
	}

}
